Now, here is the interesting part:
If ou are behind a corporate proxy or something
that does not directly allow you to connect to
the Internet site of Globalsign ( 64.18.25.38 ), then
the process consent.exe is trying to check the validity
of the CERT and uses this site to see revocation lists etc.

This poses a great deal of SYN_SENT towards the site
to port 80 until the site web server responds with the
necessary data. Please check http://64.18.25.38

We can monitor this with TCPview from Sysinternals.

Until the site responds or the consecutive Web requests
return or timeout, CAD.exe is not getting executed.

After all unsuccessful requests timeout, CAD.exe is fired up
and Control Alt Delete is pressed...

I can confirm this being responsible for those delays. We are also suffering from this problem.

After reading this post I asked our network administrator to temporary allow direct access to 64.18.25.38:80 bypassing the firewall: Windows logon window appeared within a few seconds.
Of course he would be not happy with creating firewall exceptions due to this issue.

Some more experiences with this workaround: It seems that a connection to 64.18.25.38:80 has to exist just once. Now when the firewall is closed again, CTRL-ALT-DEL is still processed withing a second. It seems that the CRLs are just downloaded once or the signature has to be valitated just once per machine.

I can confirm this as well. We just started testing Windows 7 Pro in our AD 2003 environment and I found that when I hit CAD through the viewer, there was a significant delay. I opened up the firewall for the IP listed above and the delay vanished. I then closed the IP on our firewall and was still able to hit CAD without a delay. VNC Server and Viewer versions are 1.0.8.2.

I have not been able to work around the CAD problem. I've read everything I can find about it with no resolution.

I have two Windows 7 machines, one is x86 (Ultimate), the other x64 (Pro). The symptoms are the same on both machines. I have MS Security Essentials running on both. I have disabled it with no change.

If I run 1.0.8.2 as a service, it runs fine but CAD doesn't work.

If I run 1.0.8.2 as an application, started as the local administrator, everything works UNTIL the system goes to the locked screen (uvnc disconnect, for example), then when trying to reconnect it says "server closed connection - the server running as application". Going the keyboard and reactivating (CAD/username/password) lets UVNC work again until the system goes to locked state again.

CAD.EXE is in the UltraVNC directory, as is schook.dll I have tried tagging cad.exe to "run in administrator mode" with no change.

One thing I noticed is that the certificate for CAD.EXE expired last April.

As a service, winvnc starts as the system user with access to the desktop.

Also, if a remote machine is connected and I go to the UltraVNC directory and run CAD from the local keyboard, there is no reaction on the system: no error message, nothing, the normal command prompt returns.

santonoff wrote:Also, if a remote machine is connected and I go to the UltraVNC directory and run CAD from the local keyboard, there is no reaction on the system: no error message, nothing, the normal command prompt returns.

Exillion's work-around seems to be forgetful: Now our servers need 1-2mins again to show login screen. Seems that the certificate download is tried again after a period of time (30days, for example) and if the firewall is closed again: Wait.

Unfortunately, this is not the problem: I have never turned UAC off. I had it set to the default setting of dimming the screen when I started, then changed it to notify but not dim the screen (as recommended by UltraVNC forums). I get UAC notifications all the time.

yutt wrote:

santonoff wrote:Also, if a remote machine is connected and I go to the UltraVNC directory and run CAD from the local keyboard, there is no reaction on the system: no error message, nothing, the normal command prompt returns.

I am running on Windows 7 Ultimate x64. When I try to run cad.exe it says not compatible with this version of Windows. Never saw this mentioned in any posts, nor do I see how I can manually download cad.exe.

First of all: I also had problems with cad.exe on Windows 7, tried different UAC-settings, tried to create a cad-service but nothing happened.no error - nothing.

I've noticed that on my PCs the certificate-chain for cad.exe cannot be followed back to the root. Later I found out that Windows 7 is no longer shipped with installed root certificates - so I applied KB931125 and gladly everything changed back to normal again.